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Enterprise  App  Stores:  A  Good  Idea? 


SHOULD  EMPLOYEES  be  able  to  down¬ 
load  enterprise  appUcations  just  like 
smartphone  users  donvnload  consum¬ 
er  software  from  online  app  stores? 
That’s  a  question  some  IT  shops  and 
software  veixlors  are  pondering,  according 
to  a  Jan.  lo  blog  post  by  Gartner  IiK.  analyst 
Dennis  Gaughan. 

He  said  that  an  enterprise  app  store  could 
help  IT  deploy  and  maintain  corporate  apps 
more  easily  while  tracking  downloads  and 


inexpensive  smartphone  apps: 

■  Unlike  Apple  Inc.’s  popular  App  Store, 
where  one  company  controls  everything 
except  code  development,  an  enterprise  app 
store  would  have  to  deal  with  a  wide  variety 
of  technologies  and  vendors.  “It  would 
also  require  a  level  of  cooperation  between 
vendors  that,  to  say  the  least,  has  been  dif- 
ficrdt  to  achieve,"  Gaughan  said. 

■  Smartphone  apps  work  independently, 
whereas  enterprise  apps  (like  order 


Intrusion  Tools 
Getting  Better 
But  Need  Timing 


rates  of  94.5%  and  91.8%.  respec¬ 
tively,  in  NSS’s  tests. 

When  engineers  from  the  com¬ 
panies  were  allowed  to  "tune’’ 
their  products,  oradd  more  rules 
designed  to  catch  specific  types  of 
attacks,  the  13  IPS  products  had 
substantially  higher  success  rates. 

Some  products  had  effectiveness 
rates  as  low  as  31%  at  the  default 
settings.  •There’s  a  big  difference 
between  the  default  and  the  tuned 
for  many  vendors,'  said  Rick  Moy. 
president  of  NSS  Labs. 

The  11  vendors  voluntarily  submit¬ 
ted  their  products 


It  means  doctors  in  Ethiopia  will  be  able  to  instantly  compare  this  blood  sample  to  over  41,000  HIV  treatment 
histones  to  help  their  patients  receive  the  best  treatment  regimen  possible.  The  EuResist  Network  is  helping 
';cloctors  pre^  patient  response  to  various  HIV  treatments  with  over  78%  accuracy— outperforming  9  out  of  10 
.human  exp^  in  a  recent  study.  The  tool  Is  built  on  an  IBM  analytics  solution  that  integrates  a  variety  of  disparate 
databases  ote  a  flexible  IBM  DB2*  platform  to  process  complex  metadata  more  effectively  than  anything  else 
on  the  market  A  smarter  organization  is  buHt  on  smarter  software,  systems  and  services. 


Lat^  build  a  smarter  planet,  ibm.com/hospital 


Smarter  isNnwIogy  for  a  SrnartBr  Planet: 

What  database  integration  means 
to  this  blood  sample. 
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Bi  Tools  Can 
Help  Evaluate 
Green  Programs 
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ENTERPRISE  APPLICATIONS 

Users  Hit  ‘Pause’  on  ERP  Investments 

HE  NUMBER  of  companies  planning  customers  may  not  adopt  them  for  some  time, 

to  invest  in  their  ERP  systems  will  Those  features  include  cloud-based  deployment 

drop  subtly  this  year,  according  to  a  options,  mobile  applications  and  embedded 


7  trillion 

SMS  text  messages  will  be 
sent  worldwide  this  year. 


Functionality,  ahhou^ 


Rely  on  one  network  right 
where  your  team  needs  it 

Sprint  Global  MPLS  gives  you  the  upper  hand  by  converging  voice, 
video  and  data  on  a  single  IP-based  network.  Sprint  Global  MPLS  also 
gives  you  best-in-class  network  performance,  yyith  industry-leading 
SLAs  and  Class  of  Service  at  no  additional  charge  to  get  you  started. 
1-866-653-1056  sprintcom/convergence 


Sprint  ^ 

The  Now  Network' 


02010  Splint  SpntK  a 


Congress  Set  to 
Debate  Tech  Issues 


Analysts  expect  a  divided  Congress  to  come  together 
to  tackle  targeted  cybersecurity,  skilled  immigration 
and  other  tech-related  bills  this  year.  By  Grant  Gross 


*  I  '  focus  on  the  budget  and  social  issues,  analysts  expect 
I  that  legislators  will  also  take  on  key  technology  con- 
I  cems,  albeit  with  scaled-back  legislation. 

JL  The  session  of  Congress  that  started  this  month 

Ends  Democrats  in  control  of  the  Senate  and  Republicans 
bolding  a  majority  in  the  House  of  Representatives  —  a  situa¬ 
tion  that  is  expected  to  make  For  a  contentious  period  leading  up 
to  next  year's  elections.  But  analysts  say  that  some  tech  topics 


roents  could  be  reached  on  select  pieces  of  legislation. 


tackle  some  key  tech  issues  before  lawmakers’  attention  turns 
to  the  2012  election  cycle,  said  Dean  Garfield,  president  and 
CEO  of  the  Washington-based  Information  Technology  Industry 


the  economy  back  on  track  and  create  jobs,” 
Garfield  said. 

For  example,  while  comprehensive  cyber- 
security  legislation  is  unlikely  to  pass  through 
Congress,  smaller  pieces,  such  as  a  scaled-down 
data-breach  notification  bill  or  funding  for 
cybersecurity  research,  have  a  chance  at  becom- 
ii^  law  in  this  session,  said  Charlie  Greenwald, 
vice  president  of  communications  at  TechAmeri- 
ca,  a  Washington-based  technology  trade  group. 

Technology  policy  experts  also  expect  that 
Congressional  Republicans  will  push  to  repeal 
the  December  Federal  Communications 
Commission  vote  to  approve  Net  neutrality 

S  rules  that  prohibit  broadband  providers  from 

blocking  customer  access  to  legal  Web  content. 
Rep.  Marsha  Blackburn  (R-Teon.)  has  already 
BtllGr  introduced  legislation  that  would  strike  down 

,  the  new  Net  neutrality  rules. 

'SltlOn  The  push  to  repeal  the  ruling,  which  was 

criticiz^  by  both  business  and  consumer 
groups,  is  likely  to  stall  either  in  the  Senate  or 
the  White  House,  experts  said. 

Other  tech-related  agenda  items  that  could 
move  forward  this  year  include  a  revamp  of  the  as-year-old  Elec¬ 
tronic  Communicatitxis  Privacy  Act,  reform  of  skilled-immigration 
programs,  corporate  tax  changes  that  would  affect  many  technol¬ 
ogy  firms,  measures  affecting  wireless  spectrum  for  public  safety 
agencies,  and  a  free-trade  agreement  with  South  Korea. 

Meanwhile,  experts  anticipate  that  any  bills  looking  to  provide 
consumers  with  more  control  over  tracking  by  online  advertis¬ 
ing  networks  and  Web  sites  are  probably  doomed  to  fail  in  a 
Republican-controlled  House  of  Representatives. 


mittee  introduced  legislation  that  would  have  allowed  consumer 
to  opt  out  of  Web  tracking  efforts,  but  Republicans  sided  with 
several  advertising  and  business  groups  that  exposed  the  bill. 
Thus,  chances  of  similar  legislation  passing  in  2011  are  small.  ♦ 
Gross  is  a  reporter  for  the  IDG  News  Service. 


think  there’s  a  real  opportunity  to  get  some  meaningful  [technology]  legislation  passed. 


There’s  no 
Technology 
like  Business 
Technology. 


Punch  cards,  floppy  disk  and  data  processing.  Will  'irrformatio 

increasingly  clear  that  we  need  to  become  acquainted  with  a 

Innovative  thinking  and  technology  have  already  led  to  a 
step  change  in  the  way  business  is  done  in  the  21”  century. 
Procurement  has  evolved  into  Supply  Chain  Management, 
sales  teams  are  now  supported  by  Customer  Relationship 
Management  and  sales  campaigns  are  now  supplemented 
by  Social  Media  Marketing.  Common  to  these  developments 
are  the  powerful  tools  required  to  assist  management  and 
employees  in  order  to  efficiently  control  global  work  processes. 
Regardless  of  the  type  of  enterprise  or  government  body, 
organizations  that  fail  to  employ  the  very  latest  technologies 
and  services  will  not  be  able  to  compete  in  the  longer  term. 

A  media  company  that  isn't  familiar  with  the  latest  iPad  and 
Android  applications,  an  industry  player  that  doesn’t  have  a 
firm  grip  on  its  manufacturing  chain,  or  a  utility  company  that 
isn't  up  to  date  on  the  topic  of  smart  grids  -  will  find  it  difficult 
to  both  operate  cost  effectively  and  continue  to  grow  their 
customer  bases. 

It  has  become  extremely  difficult  to  gain  a  general 
understanding  of  the  huge  range  of  technology  and  services 
available,  let  alone  the  detailed  information  regarding  these 
solutions.  Despite  trade  journals  and  fairs,  very  few  managers 
can  boast  that  they  still  have  a  complete  and  up-to-date 
picture,  even  within  their  own  field  of  expertise. 

The  people  who  are  thriving  on  the  challenge  have  two  key 
areas  of  competence.  First,  deep  industry  know-how  about 
the  internal  processes  and  needs  of  customers,  partners 
and  suppliers.  In  short:  Business.  Second,  the  ability  to 
understand  and  shape  the  technological  landscape,  the 
interaction  of  the  components  and  the  transformation  to 
the  state-of-the-art  technologies  and  trends,  such  as  cloud 
computing  and  app-based  business  models. 

In  short:  Technology. 


)n  technolog/  soon  be  another  of  these  outdated  terms?  It  Is 
r  fresh  term:  Business  Technology. 

Siemens  fT  Solutions  and  Services,  one  of  the  world's  largest 
outsourcers  and  providers  of  industry-specific  solutions,  has 
recognized  the  growing  importance  of  Business  Technology  and 
is  backing  it  as  the  future  of  its  industry.  The  team  at  Siemens 
are  such  passionate  exponents  of  Business  Technology  that  they 
call  themselves  the  Business  Technologists. 

HChristiati  Oeddng,  Chainnan  of 

the  Managing  Board  of  Siemens  IT 
Solutions  and  Services,  describes  his 
people  and  why  the  company  has 
made  such  a  defining  statement: 

*Our  people  can  talk  on  equal  terms 
with  IT  specialists  as  wed  as  business 
leaders  and  process  managers.  They 
can  look  at  businesses  from  bmh 
an  economic  and  a  technological 

They  supply  technological  answers  to  industry-specific 
questions  and  they  implement  comprehensive  and  concrete 
technological  solutions  from  a  strong  partner  ecosystem 
that  help  our  customers  deliver  on  their  business  strategy. 
The  customer  landscape  demands  Business  Technology  and 
we  are  ready  to  deliver  it  Hke  no  other  company.  Thafs  why 
we  are  the  Business  Technologists.' 

Contact: 

Siemens  IT  Solutions  and  Services,  Inc 
101  Merritt  7  06851 
Norwalk,  a 
Tel.  203-642-2300 


The  reality  Is  there  are  thousands  of  individuals  drawing  on  E-mail: 

a  unique  understanding  of  a  wide  range  of  industries  and  corporate.communications.us.it-solutions@siemens.com 

practicing  Business  Technology  day  in.  day  out.  Further  information:  www.usa.siemens 


s.comfit-solutions 
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Exec  Exits  Bad  News 
Eor  Microsoft  Techies 

Microsoft  watchers  say  the  loss  of  Muglia  and 
others  could  prove  to  be  a  burden  to  the  company’s 
technical  staff.  By  Gre^  Keizer  and  Joab  Jackson 


The  departures  of  Bob  Muglia  and  other  executives 
from  Microsoft  Corp.  could  be  a  troubling  sign  for  the 
software  vendor,  because  many  of  those  involved  in  the 
exodus  were  held  in  high  esteem  by  the  company’s  tech¬ 
nical  talent,  industry  observers  say. 

Muglia,  a  23'year  Microsoft  veteran  who’s  slated  to  step  down 
as  president  of  the  company’s  lucrative  Server  and  Tools  Business 
(STB)  this  summer,  will  be  the  latest  in  a  wave  of  top  executives  to 
leave  the  software  giant  in  recent  months. 

In  just  over  ayear,  Microsoft  has  lost  Chief  Software  Architect 
Ray  Ozzie;  Stephen  Elop,  the  Office  group’s  president;  Robhie 

Bach,  president  cS  the  enteitainment  division;  Chief  Financial 


Officer  Chris  Liddell;  and  now  Muglia. 

“What  worries  me  is  the  loss  of  these 
long-term  people  —  people  who  had  the 
respect  of  the  technical  community  inside 
Microsoft,”  said  Rob  Helm,  an  analyst  at 
Directions  on  Microsoft,  a  Kirkland,  Wash.- 
based  research  firm.  “That  was  especially 
true  of  Muglia.  His  departure  will  he  a  real 
burden  to  that  part  of  Microsoft.”  Engineer¬ 
ing  groups  "felt  [Muglia]  was  someone  who 
heard  them,”  Helm  added. 

Don  Dodge,  a  former  Microsoft  evangelist 
who  was  laid  off  in  2009  and  then  joined 
Goo^e  as  a  developer  advocate,  said  in  his 
personal  blog  that  “losing  Muglia,  Robbie 
Bach,  Steve  Elop,  Ray  Ozzie,  Chris  Liddell, 
Kevin  Johnson,  Jeff  Raikes  and  other  senior 
execs  is  devastating.” 

Johnson  was  president  of  Microsoft’s  plat¬ 
form  and  services  group,  and  Raikes  once 
led  the  Office  unit;  both  left  in  2008. 

In  a  memo  to  Microsoft  employees  an¬ 
nouncing  the  latest  departure  earlier  this 
month,  CEO  Steve  Ballmer  touted  Muglia’s 
considerable  accomplishments  in  building 
STB  into  a  $15  billion-a-year  operation. 

However,  Ballmer  also  hinted  that  chang¬ 
ing  the  group’s  leadership  might  be  the  best 
move  for  the  future  of  the  business,  which  is 
responsible  for  Microsoft’s  development  and 
infrastructure  products,  including  Microsoft 
Windows  Server,  SQL  Server,  Visual  Studio 
and  System  Center. 

"Bob  Muglia  and  I  have  been  talking 
about  the  overall  business  and  what  is 
needed  to  accelerate  our  growth,”  Ballmer 
wrote.  “In  this  context,  I  have  decided  that 
now  is  the  time  to  put  new  leadership  in 
place  for  STB.  This  is  simply  recognition 

.  that  all  businesses  go  through  cycles  and 

need  new  and  different  talent  to  manage 
through  those  cycles." 

Muglia  has  also  been  credited  with  siiepheiding  Microsoft’s 
entry  into  cloud  computing  by  guiding  the  rollout  of  its  Azure 

Helm  suggested  in  an  interview  that  Microsoft  might  look 
outside  the  company  to  replace  Muglia,  though  he  couldn’t  iden¬ 
tify  any  potential  replacements. 

Muglia’s  departure  “is  a  critical  one,  but  I  couldn’t  point  at  any 
one  replacement,”  said  Helm.  “There  are  [^nty  of  other  com¬ 
puting  companies  that  work  in  the  same  space  and  are  headed 
toward  the  cloud.  [They]  have  executives  who  might  work  out.”  • 
Jackson  b  a  reporter  for  the  IDG  News  Service. 


What  worries  me  is  the  loss  of  these  long-term  people  -  people  who  had  the  respect 
of  the  technical  commiinity  inside  Microsoft. 
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Grill 


This  travel  agency 
CIO  uses  technology 
to  give  customers  the 
personal  touch. 


Kathryn 

Akerman 


U 


THE  GRILL  |  KATHRYN  AKERMAN 


to  put  together  their 
own  itinerary.  If  they 
come  to  us,  it’s  one 
e-mail  Cor  them  and 
then  we  put  together 
the  options  they  need. 


What  are  the  most . 
Important  technolo¬ 
gies  you  provide  to 
your  employees? 

We  just  made  a 

new  computers  for 
all  our  agents.  We 
took  advantage  of  a 
dual  screen  for  our 
corporate  agents, 
which  allows  them  to 
work  so  much  mote 
efficiently  —  to  have 
an  e-mail  on  one  side 
and  booking  travel 
on  the  other.  And  the 
midoffice  quality- 
control  system  is 
hugely  important  for 
us.  It  has  made  our 
agents  much  more 
efficient,  so  they  can 

service.  Our  agents 
can  work  with  the 


than  deal  with  those 
formatting  steps  that  a  computer  can  do  for  them.  So 
once  we  finalize  (travel  plans]  with  the  customer,  we 
can  push  that  reservation  through  to  the  technol¬ 
ogy  and  take  care  of  those  redundant  steps,  issuing 
the  ticket  and  the  quality  control  —  making  sure 
the  seats  are  correct,  [checking]  the  date  continuity, 
e-mailing  the  customer  with  confirmation. 


It  allows  the  customers  to  be  so  much  better  in¬ 


formed  when  they  come  to  us.  But  one  of  our  biggest 
struggles  is  the  way  we  bocJ:  travel.  There  are  these 
antique  legacy  systems  that  the  airlines  created  long 
ago  that  were  purchased  by  other  entities.  They 
require  a  lot  of  technology  integration. 


How  do  you  use  tedinology  to  allow  your  company^ 

We  do  ofer  foster  and  more  complex  booking  inter- 
foces  than  customers  typically  see  on  those  online 
sites.  But  we  also  have  that  peisonal  service  that 
helps  our  cUents  save  time  and  money.  We’re  also 
helping  corporations  to  streamline  their  expenses 


[and  improve]  visibility.  These  businesspeople  want 
to  book  online,  but  the  CFO  wants  to  know  where 
they’re  spending  money.  So  by  giving  them  that 
online  tool  with  those  discounts,  they  have  that 
visibility. 

Your  web  site  talks  about  travel  being  a  people 

capabilities  they  need  but  keep  the  technology 
from  getting  in  the  way  of  that  personal  touch?  We 

really  make  such  a  concerted  effort  to  get  the  booking 
done  behind  the  scenes.  We’re  focused  on  the  fact 
that  you’re  coming  to  us  because  of  our  hands-on 
experience.  We  want  people  to  know  we  have  up- 
to-date  technology  and  an  up-to-date  Web  site,  but 
I  don’t  know  if  technology  will  be  the  driving  factor 
in  why  they  come  to  us.  It’s  still  our  people  and  the 
experience  they  have. 

I  understand  you’re  updating  your  web  site.  It’s  a 
full  rebuild.  We  had  what  was  really  just  an  online 
brochure.  But  we  want  people  to  go  into  our  site  and 
have  a  feel  for  who  we  are.  And  with  today’s  different 
generations  —  baby  boomers  to  Gen  Y  —  1  think 
they’re  all  reached  so  differently  tK>w.  If  it’s  the  baby 
boomer  who  still  wants  to  have  the  brochure  and  see 
that  person’s  face,  that’s  there,  too. 

So,  what  are  the  priorities  as  you  rebuild?  To  have 
up-to-rlate  information  accessible  at  all  times.  So 
whether  it’s  how  to  reach  an  agent  [or]  to  be  able  to 
do  a  little  bit  of  research  —  to  know  that  an  agent 
who  is  traveling  to  Africa  is  blogging,  and  that’s 
where  you’re  planning  on  going  next  year,  and  you 
can  follow  her  and  see  how  it’s  going;  to  open  up  a 
video  of  a  trip  that  an  agent  just  took  to  Greece  and 
get  a  feel  for  hoiw  the  hotel  was  from  her  perspective 
—  it’s  still  that  human  element,  but  adding  technol¬ 
ogy  to  have  that  information  at  all  times. 


to  provide  for  them?  Most  clients  just  want  to  have 
access  to  us.  They  just  want  to  know  we’re  there.  So 
it’s  providing  phone  service  for  emergencies,  so  when 
they’re  stiKk  at  an  airport,  they  have  someone  to  call. 
On  a  CFO  level,  they  want  to  see  the  reports.  They 
want  to  have  the  travel-spend  visibility  and  an  online 
reporting  tool  to  access  the  data  we’ve  pushed  out.  It’s 


but  have  the  phone  ring  as  seamlessly  as  if  the  agent 
were  in  the  office. 


What  rcpNdiif  your  rcatest  Challenge  right  now  as 
CIO?  To  keep  up  with  technology  but  not  break  the 
bank  providing  those  technologies,  and  yet  still  allow 
us  to  retain  that  human  element. 
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Cloud  by  Van  Gogh,  1890  Cloud  by  SunGard,  2011 


A  work  of  art  in  secure  computing. 

Building  a  better  cloud  takes  a  revolutionary  approach  to 
virtualization  that  goes  far  beyond  conventional  solutions. 
With  a  resilient  infrastructure  and  robust  security,  SunGard 
provides  maximum  protection  and  a  fully  managed  solution 
that  virtually  eliminates  the  risk  of  failure.  Navigate  the  cloud 
with  confidence  as  it  dynamically  scales  to  meet  your  needs. 
With  leading-edge  technology  and  a  staff  of  accomplished 
professionals,  SunGard  can  help  make  your  next  cloud 
computing  project  a  work  of  art. 


Download  the  white  paper 
“Building  a  Better  Cloud” 
at:  sungardas.com/cloud11 


SUNGARD  AVAILABILITY  SERVICES 


premotions 
are  not  pr  new 
boss's  primary 
concern.  She 
has  the  facts  of 
the  transition  to 
deal  with. 


consultant  who  helps 
technical  organizations 
improve  productivity 
through  leadership, 
and  the  author  ot 
the  award-winning 
book  Leading  Geeks 
Uossey-Bass.2003). 
You  can  contact  him  at 
info@paulglen.com. 


What  to  Do  When 
You  Get  a  New  Boss 


HERE  ARE  FEW  WORK  EXPERIENCES  as  unsettling  as  the  arrival  of  a 
new  boss.  I’m  not  talking  about  moving  into  a  new  department  or  job 
and  getting  a  new  supervisor  in  the  process.  That  can  be  fun,  because 
you’re  excited  about  the  new  assignment  or  promotion. 

this  together  well  enough  to  make  a  list  of  the  top 
few  things  that  you  think  your  new  boss  has  been 
talced  to  accomplish. 

You're  going  to  use  those  suppositions  to  create 
a  second  list,  but  first  I  recommend  a  little  exer¬ 
cise  aimed  at  getting  your  emotions  in  hand.  This 
involves  writing  two  other  lists.  These  lists  aren’t 
for  anyone’s  eyes  but  yours,  so  don’t  hold  anything 
back.  The  title  of  the  first  should  be  “Things  the 
new  boss  could  do  that  would  exacerbate  all  of  our 
current  problems.”  The  second  should  be  “Things 
tly?  new  boss  could  do  that  would  undermine 
what’s  working  really  well  now.”  After  you’ve 
vented,  go  over  these  two  lists  and  think  about  the 
^nuine  issues  that  have  given  rise  to  the  items 
you  have  put  down. 

Once  you  have  studied  these  two  lists  enou^ 
to  separate  emotion  from  reason,  write  down  the 
things  that  you  feel  the  new  boss  needs  to  under¬ 
stand  about  the  current  work  of  the  organization, 
how  it  does  or  doesn’t  su|^rt  her  presumed 
mandate,  your  role  in  that  work,  the  culture  of  the 
organization  and  the  individuak  involved.  Run 
through  the  list  and  make  sure  you  really  know 
what's  important  about  each  point. 

In  your  first  meeting  with  the  new  boss,  you 
need  to  restrict  yourself  to  sharing  only  the 
category  titles  and  general  themes  you  have  come 
up  with.  You  don’t  want  to  overwhelm  her  with 
d^ls  at  this  point. 

The  goal  of  your  first  meeting  with  your  new 
boss  is  to  establish  a  working  relationship  that  will 
earn  you  the  r^t  to  share  the  details  later  and 
have  your  input  be  respected.  ♦ 


I’m  talking  about  when  your  boss  gets  replaced. 

In  that  case,  th^’e’s  rarely  a  sense  of  adventure. 

Most  people  find  a  change  above  them  to  be  unset¬ 
tling,  prompting  them  to  ask  themselves  things  like, 
“Will  I  g^  fired  when  the  new  boss  Inrings  in  his 
favorite  peof^e  from  his  past  position?”  “Will  my 
contributions  be  valued  as  mudi  as  befisre?”  "Why 
didn’t  I  get  the  job?  Am  I  not  respected  here?” 

These  issues  are  freighted  with  emotion,  and 
that  can  make  it  difficult  to  get  off  on  the  ri^t 
foot  with  the  new  supervisor.  To  give  yourself  the 
best  chance  of  establishing  a  productive  relation¬ 
ship,  you’ll  need  to  do  a  little  homework.  Take  the 
focus  off  yourself  and  do  your  best  to  understand 
the  new  boss’s  situation.  Recognize  that  your  emo¬ 
tions  are  not  your  new  boss’s  primary  coiKern. 

She  has  the  facts  of  the  transit  ion  to  deal  with, 
along  with  her  own  emotions. 

Here  are  some  steps  to  take  in  preparation  for 
that  first  big  meeting. 

Start  by  figuring  out  what  your  new  boss’s 
mandate  mi^  be.  You  can  probably  make  a 
pretty  good  guess  by  considerii^  the  state  of  your 
group  and  taking  stock  of  the  circumstances 
under  which  your  old  boss  left.  Was  his  departure 
voluntary  or  involunury?  Was  he  fired,  promoted 
or  sul^ted  to  a  life  change,  or  did  he  choose  to 
move  to  another  organization?  Was  he  loved  or 
despised  by  subordinates,  peers  and  supervisors? 
The  challenges  faced  by  the  new  boss  will  be  quite 
different  depending  on  whether  she  is  succeeding 
a  beloved  patriarch  who  left  everything  running 
smoothly  or  a  despised  despot  who  left  a  pile  of 
bodies  behind.  You  should  be  able  to  put  all  of 
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faster  server  ROI. 


With  budgets  flat  and  warkloods  exploding,  it's  time  to  unleash  the  innovation  and  cost  savings  locked  up 
within  your  aging  server  infrastructure  with  next  generation  HP  Proliant  servers  powered  by  8-  and  12-co<e 
AMD  Opteron™  6100  Series  processors.  Upgra^  now  and  experience: 

•  23:1  server  consolidation  ratio' 

•  96%  or  more  savings  on  energy  and  cooling' 

•  $48,380  in  total  savings  lor  every  100  users* 


Transform  your  server  environment  while  building  the  foundation  for  the  HP  Converged  Infrastructure. 
All  for  an  investment  that  pays  for  itself  in  as  little  as  2  months.'  Unleash  foster  server  ROI  now. 
Outcomes  that  matter. 


See  the  proof.  Access  ogr  ROI  calculator  and  register  to  download  your  podcasts  at 

hp.com/servers/unleashS 


$2,599  (Save  $498) 


Starting  at  $3,079 


1&r  WEB  HOSTING 


'Working  with  startup  companies  on  a  tight 
budget  my  dients  know  an  oniine  presence  is 
needed,  i  use  1&1  exdusiveiy  to  satisfy  their 
requests  for  reiiabie  hosting  at  affordabie  rates.' 


DROPPC^iniUAI  WFRCITK 

6  MONTHS 


t&l*  HOSTING  PACKAGES 

6  MONTHS 

FREE! 


As  the  world's  largest  web  host,  we  know  the  developer 
features  you  need  in  a  hosting  package! 


Domains  Included 

info  .org  All  hosting  packages  include  domains, 
.not  I'*®  of  your  package. 


Unlimited  Traffic 

Unlimited  traffic  to  all  websites  in  your 
1&1  hosting  package. 


Developer  Features 

Extensive  language  support  with  PHP  5/6 
(beta)  with  Zend  Framework  and  git  version 
management  software. 


Online  Marketing  Tools 

SEO  tools  to  optimize  your  website. 

1&1  Webstatistics  makes  it  easy  to  monitor 
your  progress. 


Green  Data  Centers 

committed  to  hosting  your  site  with 
a  minimal  impact  on  the  environment. 


1&1*  BUSINESS  PACKAGE: 


■  250  GB  Web  Space 


Software  (gK) 

■  2,S00  E-mail  Accounts 

■  50  MySQL  Database  (100  MB) 

■  25  FTP  Accountt 

■  E-mail  Marketing  Tool 

■  24/7  Toll-free  Customer  Support 


•info  domain  only  $0.99  first  year' 
.com  domain  only  $4.99  first  year* 
More  great  offers  available 
on  our  website! 


Get  started  today,  call  1-877-GO-1AND1 


www.1and1.com 
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without  technology,  but  you  can’t 
invest  in  technology  without  the 
blessings  of  the  finance  depart¬ 
ment.  And  thanks  to  the  stagnant 
economy,  the  pendulum  of  power 
between  Finance  and  IT  is  swing¬ 
ing  decidedly  toward  the  chief 
financial  officer’s  door  these  days. 

“The  power  dynamic  in  the  C-suite  really  does  change 
when  the  economic  times  are  difficult,”  says  Bob  Martins, 
a  CFO  partner  at  Tatum  LLC,  an  executive  services  firm 


—  before  you  come  knocking.  bymaryk.pratt 
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HINT!  CFOs  Like 
Cloud  Computing 


frioKly  topic 

CFOs  like  Uie  pay-as-you-go  economics  of  cloud  computing 
because  it  keeps  cash  in  the  bank  longer,  notes  a  Forrester 
Research  report- 

To  a  CFO;  IT  capacity  or  an  application  purchased  from  a 
doud  service  provider  is  an  operating  expense  that  can  be 
scaled  up  to  meet  a  rising  business  need  -  or  turned  off  when 
the  need  evaporates.  The  same  system  hosted  in  the  corpo-  ^ 
rate  data  center  is  a  sunk  cost  that  includes  a  capital  expendi¬ 
ture  that  must  be  carried  on  the  balance  sheet  as  an  asset  that 
loses  value  as  it  depredates.’  the  report  explains. 

Forrester  says  that  because  of  the  difference  between  capi¬ 
tal  expendhures  and  operating  expenditures,  cloud  comput- 
ingyieldsthekindoffinancial  benefits  that  CFOs  value: 

■  ■etter  cash  flmi.  The  company  avoids  taking  on  debt 
and  wribng  a  big  check  upfront.  Instead,  checks  are  written 
monthly  or  quarterly. 

■  lamrflnaiicial  risk.  With  a  doud-based  system,  you 
pay  only  for  what  you  use.  and  you  can  terminate  the  con- 
traa  An  on-premises  system  means  spending  money  upfront 
for  benefits  that  may  or  may  not  materialize. 

■  CrtattfflnaiidalvlsWHty.  A  cloud  services  provider 
can  tell  you  how  much  it  will  cost  to  add  a  user  or  process  an 
additional  transaction.  Many  IT  shops  would  be  hard-pressed 
to  do  the  same  for  an  on-ptemises  system. 

■  Healthier  return  on  assets.  Cloud  costs  are  incurred  in 
the  same  time  period  that  the  value  is  delivered,  so  the  bal¬ 
ance  sheet  doesn't  carry  an  ever-depreciating  capital  asset  of 
hardware  and  software,  which  lowers  the  increasingly  impor¬ 
tant  financial  metric  of  return  on  assets. 

in  a  recent  survey  of  481  CFOs  in  the  U.5..  about  half  said 
they  already  have  some  IT  activities  occurring  in  the  cloud. 


headquartered  in  Atlanta.  “And  right  now,  any  kind  of  spending 
decision  requires  much  more  scrutiny.” 

All  of  this  means  that  now  is  an  excellent  time  for  you,  as  an 
IT  manager,  to  hear  whdl  Finance  has  to  say.  Computerworld 
asked  several  CFOs  what  message  they’d  most  like  to  get  through 
to  their  top  technologists. 

Say  Goodbye  to  Bells  and  Whistles 

During  better  economic  times,  Don  MacKenzie,  CFO  and  chief 
operating  officer  at  Accounting  Management  Solutions  Inc., 
could  be  persuaded  to  buy  a  more  expensive  system  if  it  offered 
nice-to-have  usability  options  or  extra  functionality. 

But  these  days,  the  age^ld  battle  between  cost  and  function¬ 
ality  is  being  won  by  cost.  So  when  the  Waltham,  Mass.-based 
professional  services  firm  needed  new  customer  relationship 
man^ment  software,  MacKenzie  told  his  CIO  at  the  outset, 
“Maybe  we  don't  need  the  Cadillac.  Our  prol^em  might  be  better 
solved  using  a  Chevy  solution.” 

MacKenzie  expected  the  CIO  to  deliver  an  analysis  that  looked 
at  several  systems  —  something  he  has  always  done,  in  good 
times  and  bad  —  detailing  how  much  each  one  cost,  the  features 
offered  and  what  type  of  ROI  each  one  could  be  expected  to 
deliver.  But  MacKenzie  admits  that  given  the  financial  pressure, 
the  weight  was  almost  all  on  the  cost  side  of  the  equation. 

“I’m  not  suggesting  that  there  wouldn’t  have  been  a  financial 
analysis  [in  the  past],”  MacKenzie  continues,  “but  the  focus  then 
would  have  been  more  on  functionality  and  on  [the  software's] 
tie-in  to  other  applications.  That  might  have  overridden  the 


These  days,  that's  npt  the  case.  One  of  the  optioas  the  CIO  pre¬ 
sented  was  “a  300-pound  gorilla  with  all  the  bells,"  MacKenzie 

Play  With  the  Toys  You  Already  Have 

Tibco  Software  Inc.  in  Palo  Alto,  Calif.,  has  made  significant 
investments  in  IT  in  the  past,  including  the  acquisition  of  an 
ERP  system.  So  before  Executive  Vice  President  and  CFO  Sydney 
Carey  opens  the  coffers  to  buy  more  hardware  or  software,  she 
wants  to  make  sure  that  the  company  is  making  full  use  of  its 

“The  rece&’iinn  has  focused  us  more  on  the  fact  that  we’ve 
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0%  He  the  pay-as-you-go  eoinomte  of  doud  computiiig 
because  X  keeps  cash  in  the  bank  longer,  notes  a  Forrester 
Research  report 

To  a  CFa  IT  capacity  or  an  application  purchased  from  a 
doud  service  provider  is  an  operating  expense  that  can  be 
scaled  up  to  meet  a  rising  business  need  -  or  turned  off  when 
the  need  evaporates.  The  same  system  hosted  ki  the  corpo¬ 
rate  data  center  is  a  sunk  cost  that  includes  a  capital  espendi- 
hire  that  must  be  carried  on  the  balance  sheet  as  an  asset  that 
loses  value  as  X  depredates.*  the  report  explains. 

Forrester  says  that  because  of  the  dXference  between  capi¬ 
tal  expendXures  and  operating  expendXures.  doud  comput- 
ing  yields  the  kind  of  financial  benefXs  that  CFOs  value: 

■  Hetfr  cull  Hew.  The  company  avoids  taking  on  debt 
and  wiXbig  a  big  check  upfronL  Instead,  checks  are  written 
monthly  or  <)uattet^. 

■  UmrIliMKW  iWLWXh  a  doud-based  system,  you 
payonlyfOrwhatyouuse.andyoucantermXiatethecon- 
traa  An  onprernises  system  rneans  spending  money  upfront 
for  benefXs  that  may  or  may  not  materialize. 

■  CnMvflMBcWtMMtty.  A  cloud  service  provider 
can  leX  you  how  much  X  wM  cost  to  add  a  user  or  process  an 
addXional  transaction.  Many  IT  shops  vnuM  be  hard-pressed 
to  do  the  same  for  an  on-premises  system. 


the  same  time  period  that  the  value  is  deXvered.  so  the  bal¬ 
ance  sheet  doesn't  carry  an  ever-depredating  capXal  asset  of 
hardware  and  software.  vXiich  lowers  the  increasingly  impor¬ 
tant  financial  metric  of  return  on  assets. 

m  a  recent  survey  of  481  CFOs  In  the  U.S..  about  half  said 
they  already  have  some  IT  actIvXies  occurring  in  the  doud. 
The  survey  by  Duke  university  and  CFO  magazine  found  that 
83%  of  the  CFOs  expect  their  companies  to  rely  on  cloud- 


Say  Goodbye  to  Bells  and  Whistles 

During  better  economic  times.  Don  MacKenzie,  CFO  and  chief 
operating  officer  at  Accenting  Management  Solutions  Inc., 
could  be  persuaded  to  buy  a  mote  expensive  system  if  it  offered 
nice-to-have  usability  options  or  extra  functionality. 

But  these  days,  the  age-old  battle  between  cost  and  function¬ 
ality  is  being  won  by  cost.  So  when  the  Waltham,  Mass.-based 
professional  services  firm  needed  hew  customer  relationship 
management  software,  MacKenzie  told  his  CIO  at  the  outset, 
"Maybe  we  don’t  need  the  Cadillac.  Our  problem  might  be  better 
solved  using  a  Chevy  solution." 

MacKenzie  expected  the  CIO  to  deliver  an  analysis  that  looked 
at  several  systems  —  something'he  has  always  done,  in  good 
times  and  bad  —  detailing  how  much  each  one  cost,  the  features 
offered  and  what  type  of  ROI  each  one  could  be  expected  to 
deliver.  But  MacKenzie  admits  that  given  the  financial  pressure, 
the  weight  was  almost  all  on  the  cost  side  of  the  equation. 

T’m  not  suggesting  that  there  wouldn’t  have  been  a  financial 
analysis  [in  the  past],’’  MacKenzie  continues,  “but  the  focus  then 
would  have  been  mote  on  functionality  and  on  [the  software’s] 
tie-in  to  other  applications.  That  might  have  overridden  the 

These  days,  that’s  not  the  case.  One  of  the  options  the  CIO  pre¬ 
sented  was  “a  300-pound  gorilla  with  all  the  bells,”  MacKenzie 
says,  "but  we  went  with  one  that  was  a  lot  cheaper." 


HlNTi  CFOs  like 
Ckxjd  Computing 


Play  With  the  Toys  You  Already  Have 

Tibco  Software  Inc.  in  Palo  Alto,  Calif.,  has  made  significant 
investments  in  IT  in  the  past,  including  the  acquisition  of  an 
ERP  system.  So  before  Executive  Vice  President  and  CFO  Sydney 
Carey  opens  the  cofers  to  buy  mote  hardware  or  software,  she 
wants  to  make  sure  that  the  company  is  making  full  use  of  its 

“The  recession  has  focused  us  more  on  the  foct  that  we've 
made  investments,”  she  says,  “so  we  need  to  ask,  'Are  we  really 
getting  all  we  can  from  them?’  ” 

Specifically,  Carey  explains,  “we  needed  to  leverage  our 
systems,  automating  or  integrating  or  getting  the  ri^t  informa¬ 
tion  to  the  ri^t  people  at  the  right  time  to  make  rlecisions”  — 


ling  staff. 
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The  recession  has  focused  us  more  on  the  fact  that  we've  made 
investments,  so  we  need  to  ask, 'Are  we  really  getting  all  we  can 


ftomthemr  -  SYDNEY  CAREY,  I 


Continued  from  page  zo 

Know  What  the  Business  Needs  Now 

Being  aware  of  the  company's  business  strategy  is  always  a  prior¬ 
ity  6>r  IT  managers,  but  in  tough  times,  it's  imperative  for  IT  to 
be  up  to  date  and  ready  to  help  with  corporate  changes  on  an 
almost  daily  basis,  CFOs  say. 

For  example,  Telmor  Apex  Co.,  a  custom  compounder  of  ad¬ 
vanced  polymers  in  Pawtucket,  R.I.,  recently  completed  a  major 


IVE  VICE  PRESIDENT  AND  CFO.  TIBCO  SOFTWARE  INC. 


says  those  Bgures  aren't  really  enou^  to  calculate  the  true  return 
an  IT  investment  will  generate. 

“I  see  ROIs  all  the  time  that  can  have  a  wide  range  of  values 
depending  on  how  you  work  your  assumptions,"  he  says. 

Martins,  who  works  in  the  Washington,  D.C.,  area  as  interim 
CFO  for  a  goverrunent  contractor  and  as  a  financial  adviser  to 
two  other  companies,  says  CIOs  need  to  include  more  details  in 
the  ROI  figures  they  present.  For  example,  he  says,  if  a  $500,000 
investment  helps  generate  $2  million  in  revenue,  the  ROI  needs 
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Continued  from  page  22 

Emphasize  Short-term  Benefits . . . 

Breslin  Longstreth  wants  his  CIO  to  seek  out  projects  that  deliver 
benehts  quickly. 

“It’s  all  about  the  short-term  and  medium-term  returns,”  says 
Longstreth,  senior  vice  president  of  finance  at  A  Place  for  Mom 
Inc.,  a  Seattle-based  service  that  helps  people  find  care  options 
for  elderly  parents. 

Case  in  point  was  the  company's  decisioti  to  revamp  all  soft¬ 
ware  licenses,  standardize  equipment,  and  upgrade  and  integrate 
phone  and  computer  services.  Longstreth  says  the  company  was 
looking  at  a  six-figure  investment  to  get  the  project  done  —  he 
declined  to  disclose  the  actual  price  tag  —  but  found  that  the 
ROI  would  likely  be  realized  within  a  year. 

"We  move  quickly  if  we  think  there's  a  strong,  quick  ROI.  If  it's 
not  obvious,  we're  probably  not  going  to  do  it,"  says  Longstreth. 

He  says  A  Place  for  Mom,  a  private,  $50  million  (^ration,  is 
growing  so  quickly  that  it's  hard  to  predict  what  it  will  requite 
from  IT  beyond  the  next  few  years.  That's  one  reason  he  encour¬ 
ages  his  top  IT  person,  the  vice  president  of  development,  to 
think  about  projects  with  quick  returns. 

The  economy  is  another  reason,  Longstreth  says.  Although 
the  company  is  financially  healthy,  he  says  he  doesn't  want  to 
risk  leaving  it  cash-strapped  by  investing  in  technology  that  has  a 
long-term  ROI.  “Making  a  bet  on  something  with  a  return  three 
to  five  years  out  has  too  much  risk  right  now,”  he  says. 


We  look  at  rr  as  an  enabler 
of  a  lean  company. 

JIM  MORRISONy 

CFO.  TEKNOR  APEX  CO. 


...  But  Don’t  Abandon  Long-term  investments 

Even  with  the  economy  in  the  dumps,  Teknor  Apex's  Morrison 
wants  his  CIO  to  continue  proposing  projects  that  will  help  the 
company  teach  its  long-term  goals. 

“If  there's  a  project  needed  for  our  strategic  well-being,  I  don’t 
necessarily  [want  IT  to)  put  it  on  a  back  burner  because  the 
economy  has  taken  a  downturn,"  Morrison  says. 

As  a  private  company  that's  not  driven  by  quarterly  perfor¬ 
mance,  Teknor  Apex  has  the  luxury  of  being  able  to  focus  more 
on  long-term  results,  Morrison  acknowledges.  But  that  doesn't 
mean  he  can  fund  IT  projects  that  don’t  support  the  corporate 
agenda  —  especially  in  today's  economy. 

“Outside  of  upgrades  of  hardware,  everything  we  do  from  an 
IT  perspective  is  put  forth  as  either  being  strategic  in  nature  or 
increasing  our  e^iencies,"  Morrison  explains. 

When  the  market  went  south  in  2007,  Morrison  says,  the 
company  reduced  its  head  count  by  5%  to  10%,  but  at  about  the 
same  time  he  OK'd  spending  $150,000  for  software  for  the  credit 
department.  "It  was  probably  one  of  the  best  projects  we  ever 
dii"  he  says,  explaining  that  it  allowed  the  company  to  reduce 
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So  it’s  no  wonder  that  IT  managers  have  a  tough  time  per¬ 
suading  their  CFOs  to  spend  money  on  new  technoiogy  today. 
Rosenberg  says. 


By  making  changes  in  their  pitches.  iT  managers  can  over¬ 
come  that  roadbiock  and  get  the  CFO's  stamp  of  approval  for 
more  projects,  Rosenberg  and  other  consultaiits  say.  Those 
changes  should  include  reframing  proposals  and  spending  re¬ 
quests  to  highlight  the  business  value  that  technology  creates. 

In  a  white  paper.  Rosenberg  sug^s  that  CIOs  should  take 
the  following  steps  to  get  their  economic  houses  in  order  and 
make  it  easier  for  CFOs  to  see  the  value  of  the  services  that  IT 
provides  to  the  business: 


alliicatiM  dKMow  (Mt  for  rwcthit  to  HMmx). 

Most  of  all.  dOs  should  communicate  using  the  business  met¬ 
rics  -  like  “decrease  unit  costs"  -  that  really  matter  to  the  com¬ 
pany’s  leaders,  says  Saby  Mitra.  an  associate  professor  in  the 
College  of  Management  at  the  Georgia  Institute  of  Technotogy. 


staff  in  the  credit  department  while  improving  performance.  As 
result,  the  new  system  paid  for  itself  within  two  years. 

Morrison  says  those  are  the  kinds  of  technology  investments 
he’d  like  to  see  IT  managers  bring  forward. 

“We  look  at  IT  as  an  enabler  of  a  lean  company.  I  don’t  think 
there’s  a  function  that  doesn't  feel  that  the  IT  systems  ate  abso¬ 
lutely  essential  to  their  performance,"  he  says.  “So  we  give  them 
what’s  needed.  They  just  have  to  show  there’s  a  good  return.”  • 
Pratt  is  a  Computerworld  contributing  writer  in  Waltham,  Mass. 
Contact  her  at  marykpratt@verizon.net. 
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Continued  from  page  a. 

Emphasize  Short-term  Benefits . . . 

Bteslin  Longstreth  wants  his  CIO  to  seek  out  projects  that  deliver 
benefits  quickly. 

“It’s  all  about  the  short-term  and  medium-term  returns,"  says 
Longstreth,  senior  vice  president  of  finance  at  A  Place  for  Mom 
Inc.,  a  Seattle-based  service  that  helps  people  find  care  options 
for  elderly  parents. 

Case  in  point  was  the  company's  decision  to  revamp  all  soft¬ 
ware  licenses,  standardize  equipment,  and  upgrade  and  integrate 
phone  and  computer  services.  Longstreth  says  the  company  was 
looking  at  a  six-figure  investment  to  get  the  project  done  —  be 
declined  to  disclose  the  actual  price  tag  —  but  found  that  the 
ROI  would  likely  be  realized  within  a  year. 

“We  move  quickly  if  we  think  there's  a  strong,  quick  ROI.  If  it’s 
not  obvious,  we’re  probably  not  going  to  do  it,"  says  Longstreth. 

He  says  A  Place  for  Mom,  a  private,  $50  million  operation,  is 
growing  so  quickly  that  it's  hard  to  predict  what  it  will  require 
from  IT  beyond  the  next  few  years.  That’s  one  reason  he  encour¬ 
ages  his  top  IT  person,  the  vice  president  of  devebpment,  to 
think  about  prefects  with  quick  returns. 

The  economy  is  another  reason,  Longstreth  says.  Although 
the  company  is  financially  healthy,  he  says  he  doesn’t  want  to 
risk  leaving  it  cash-strapped  by  investing  in  technology  that  has  a 
loi^-term  ROI.  “Making  a  bet  on  something  with  a  return  three 
to  ^  years  out  has  too  much  risk  right  now,”  he  says. 


we  look  at  IT  as  an  enabler 
of  a  lean  company. 

Jm  MORRISONy 

CFO.  TEKNOR  APEX  CO. 


...  But  Don’t  Abandon  Long-term  investments 

Even  with  the  economy  in  the  dumps,  Teknor  Apex’s  Morrison 
wants  his  CIO  to  continue  proposing  projects  that  will  help  the 
company  reach  its  long-term  goals. 

“If  there’s  a  project  needed  for  our  strategic  well-being,  I  don’t 
necessarily  (want  IT  to]  put  it  on  a  back  burner  because  the 
economy  has  taken  a  downturn,”  Morrison  ays. 

As  a  private  company  that’s  not  driven  by  quarterly  perfor¬ 
mance,  Teknor  Apex  has  the  luxury  of  being  able  to  focus  more 
on  long-term  results,  Morrison  acknowledges.  But  that  doesn’t 
mean  he  can  fund  IT  projects  that  don’t  support  the  corporate 
agenda  —  especially  in  today’s  economy. 

“Outside  of  upgrades  of  hardware,  everything  we  do  from  an 
IT  perspective  is  put  forth  as  either  being  strategic  in  nature  or 
increasing  our  efficiencies,”  Morrison  explains. 

When  the  market  went  south  in  2007,  Morrison  says,  the 
company  reduced  its  bead  count  by  5%  to  iO%,  but  at  about  the 
same  time  he  OK’d  spending  $150,000  for  software  for  the  credit 
department.  “It  was  probably  one  of  the  best  projects  we  ever 
did,”  he  says,  explaining  that  it  allowed  the  company  to  reduce 
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So  it’s  no  wonder  that  IT  managers  have  a  tough  time  per¬ 
suading  their  CFOs  10  spend  money  on  new  technology  today, 
Rosenberg  says. 

By  malting  changes  In  their  pitches,  IT  managers  can  over¬ 
come  that  roadblock  and  gel  the  CFO's  stamp  of  approval  tar 
more  projects,  Rosenberg  and  other  consultants  say.  Those 
changes  should  Include  reframkig  proposals  and  spenefing  re¬ 
quests  to  highlighi  the  business  value  diat  technology  creates. 

In  a  white  paper,  Rosenberg  suggests  that  CIOs  should  take 
the  folkiwing  steps  to  get  their  economic  houses  in  order  and 
make  it  easier  for  CFOs  to  see  the  value  of  the  services  that  IT 
provides  to  the  business; 


staff  in  the  credit  department  while  improving  performance.  As  < 
result,  the  new  system  paid  for  itself  within  two  years. 

Morrison  says  those  are  the  kinds  of  technology  investments 
he’d  like  to  see  IT  managers  bring  forward. 

“We  look  at  IT  as  an  enabler  of  a  lean  company.  I  don’t  think 
there’s  a  function  that  doesn’t  feel  that  the  IT  systems  are  abso¬ 
lutely  essential  to  their  performance,”  he  says.  “So  we  give  them 
what’s  needed.  They  just  have  to  show  there’s  a  good  return."  • 
Pratt  is  a  Computerworld  contriburtng  writer  in  Waltham,  Mass. 
Contact  her  at  mar))hpratt@verizon.net. 
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CSO  Executive  Seminar  Series  on 

Securing  the  Cloud 


January  26, 2011  I  New  York  Marriott  Downtown  I  New  York  City 


Please  note  the  date  change  for  this  i 


Ensure  Your  Move  to 
the  Cloud  is  Secure 


Clouds  promise  to  deliver  unprecedented  business 
efficiencies,  but  securing  data  and  processes  in  the 
cloud  can  be  tricky. 

At  this  exclusive  executive  seminar  on  Securing  the 
Cloud,  you’ll  gain  real-world  insight  into  how  business 
leaders  are  securing  their  cloud  environments,  and: 

•  Discover  the  best  strategies  for  assessing 
security  risks  and  needs  for  the  cloud. 

•  Determine  which  applications  to  move  to  the 
cloud  and  how  to  apply  the  right  security. 

•  Gather  up-to-the-minute  advice  from  the  industry’s 
leading  practitioners  and  recognized  experts. 

•  Network  with  colleagues  who  wrestle  with  similar 
challenges  and  concerns. 


CSO 


Featured  Speakers  Include: 

Jim  Reavis 

Co-founder,  Cloud  Security  Alliance 

Derek  Slater 

Editor  in  Chief,  CSO  magazine 

David  Giambnino 
CIO,  Revlon 
Nick  Akerman 

Partner,  Dorsey  &  Whitney  LLP 

Whether  you’re  assessing  specific 
moves  to  the  cloud  or  are  seeking  the 
latest  expert  advice,  this  seminar  series 
will  help  you  better  understand  cloud 
security  and  how  you  can  improve  your 
business  by  applying  it  wisely. 


Join  us  on  JANUARY  26^”  in 
NEW  YORK  CITY  for  this  UNIQUE  EVENT! 

REGISTER  NOW;  http://events.csoonline.com/csad 

CSO  Executive  Seminar  on  Cyber  Security  |  Washington,  DC  -  March  2011 
CSO  Executive  Seminar  on  Securing  the  Cioud  |  Chicago,  IL  -  May  2011 
Sponsorship  Opportunities  Are  Available 

CSO  Executive  Seminar  Series  attracts  a  powerful  and  influential  audience  of  security  decision  makers. 
For  Sponsor  Opportunities,  contact  Per  Melker  at  508.935.4729  or  e-mail  pmelker@cxo.com 
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SixLeaks 


Right  Now 

Even  companies  with  great  security 
may  have  left  these  holes  open. 

By John  Brandon 


UST  AS  THE  TITANIC  was  thoi^t  to  be  unsinkable, 
many  of  today's  enterprises  think  of  themselves  as 
invulnerable.  Yet,  for  every  large  organization  that 
glides  through  the  year  without  any  mishaps,  there 
are  many  others  that  suffer  break-ins,  Wi-Fi  sniffii^ 
snafus  and  incidents  where  Bluetooth  "sniper  rifles" 
are  used  to  steal  company  secrets. 

Security  consulunts  have  identified  sfat  holes  that  ate  often 
wide  open  in  corporate  IT  systems,  even  at  companies  that  take 
great  pride  in  their  security  precautions. 

Unauthorized  Smartphones 
On  Wi-Fi  Networks 

Smartphones  create  some  of  the  greatest  risks 
for  enterprise  security,  mostly  because  they’re  so 
common  and  because  some  employees  just  can't 
resist  using  personal  devices  in  the  office  —  even 
if  their  employers  have  well-established  policies 
prohiMng  their  use. 

"The  danger  is  that  cell  phones  are  tri-homed  devices  —  Blue¬ 
tooth,  Wi-Fi  and  GSM  wireless,”  says  Robert  Hansen,  founder 
of  Internet  security  consulting  firm  SecTheory  LLC.  Em[floyees 
who  use  their  personal  smartphones  at  work  "introduce  a  conduit 
that  is  vulnerable  to  potential  attack,”  he  explains. 

If  you  use  a  device  like  a  smartphone  that  spans  multiple  wireless 
spectrums,  "someone  in  a  paiking  lot  could  use  a  Blueto^  sniper 
rifle  that  can  read  Bluetooth  horn  a  mile  away,  ooimect  to  a  smart¬ 
phone,  then  connect  to  a  corporate  wireless  network,”  says  Hansen, 
who  is  also  known  by  the  alias  RSnake.  Bluetooth  thus  becomes  an 
open  portal  that  allows  hackers  to  access  Wi-Fi  and  therefore  the 
corporate  network. 

Hansen  says  adopting  a  policy  that  simply  prohibits  personal 
smartphones  isn’t  likely  to  be  effective  —  emf^oyees  will  still  be 
tempted  to  use  their  gadgets.  Instead,  he  says,  IT  should  allow 
only  approved  devices  to  access  the  network.  And  that  access 
should  be  based  on  MAC  addresses,  which  are  unique  codes  that 
are  tied  to  specific  devices,  making  them  more  traceable. 

Another  tactic  is  to  use  network  access  control  to  make  sure 
whoever  is  connecting  is,  in  (act.  authorized  to  ooimect.  In  an  ideal 
world,  companies  should  also  separate  guest  access  Wi-Fi  networks 
from  important  corporate  networks,  says  Hansen,  even  if  having 

Another  approach:  Provide  robust,  company-sanctioned 
smartphones  on  popular  platforms,  such  as  Google’s  Android, 
thereby  dissuading  employees  from  using  nonsupported  devices. 
By  encouraging  the  use  of  approved  phones,  IT  can  focus  on 
security  precautions  for  a  subset  of  devices  instead  of  having  to 
deal  with  numerous  brands  and  platforms. 

Open  Ports  on  a  Network  Printer 

The  office  printer  is  another  seemingly  in¬ 
nocuous  device  that  represents  a  security  risk, 
although  most  companies  ate  oblivious  to  the 
danger.  Printers  have  had  telephone  lines  for 
faxes  ferr  several  years,  and  some  are  now  Wi-Fi- 
enabled  or  support  3G  wireless  cormectivity. 
Some  companies  do  block  access  to  certain  ports  on  printers,  but 
as  Hansen  says,  if  there  are  200  blocked  ports  for  printers  at  a 
large  company,  there  might  he  another  1,000  ports  that  ate  wide 


Injecting  hostile  code 

into  P2P  files  is  [not 
difficult]  and  can  create 
a  beachhead  within 
an  organization. 

WINN  SCNWANTAU,  CEO. 

THE  SECURITY  AWARENESS  COMPANY 


open.  Hackers  can  break  into  corporate  networks  through  these 
ports.  A  more  nefarious  trick  is  to  capture  images  of  all  printouts 
in  order  to  steal  sensitive  business  information. 

**006  of  the  reasons  you  do  not  hear  about  it  b  because  there  is 
no  effective  way  to  shut  them  down,”  says  jay  Valentine,  an  inde¬ 
pendent  security  expert.  “We  see  access  all  the  lime  via  network 
ports  in  the  electric  utility  industry,  which  is  a  major  accident 
waiting  to  happen.” 

The  best  way  to  deal  with  this  problem  is  to  disable  the  wire¬ 
less  options  on  printers  altogether.  If  that’s  not  feasiUe,  IT  should 
make  sure  all  ports  are  Uocked  for  any  unauthorized  access,  says 
Hansen.  It’s  also  important  to  use  security  management  tools 
that  monitor  and  report  on  open  printer  ports.  One  such  tool  is 
the  network  monitor  from  ActiveXperts  Software  6V. 

3  Custom  web  Applkatkms 
With  Bad  Code 

Just  about  every  entetprise  security  professional 
lives  in  fear  of  holes  created  by  sloppy  programming 
This  can  occur  with  custom-developed  applications 
and  with  commercial  and  open-source  software. 
Hansen  says  one  common  trick  is  to  tap  into  the  xp.cmdshell 
routine  on  a  server,  which  an  inexperienced  programmer  or 
systems  administtator  might  leave  wide  open  for  attack.  Hackers 
can  use  that  opening  to  gain  fiill  access  to  a  database,  which  pro¬ 
vides  an  entryway  to  dau  and  a  quick  back  door  to  netwoiks. 

Hansen  says  PHP  routines  on  a  Web  server  can  also  be  ripe  for 
attack.  Small  coding  errors,  such  as  a  failure  to  use  proper  safe¬ 
guards  when  calling  a  remote  file  from  an  application,  provide  a 
way  for  hackers  to  add  their  own  embedded  code.  A  company  can 
also  be  open  to  attack  if  it  has  a  blog  with  a  tradeback  feature  (to 
report  on  finks  to  its  posts)  but  doesn’t  sanitize  stored  URLs  to 
prevent  unauthorized  database  queries. 

Of  couise,  the  obvious  fix  to  this  problem  is  to  avoid  using 
freebie  PHP  scripts,  blog  add-ons  and  other  code  that  might  be 
suspect.  If  such  software  is  needed,  security  monitoring  tools  can 
detect  vulnerabilities  even  in  small  PHP  scripts. 
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Security  Risks 

In  the  Post-PC  Era 


sinl  tkML  The  number  of  cnnpanY-owned  snHitptnnes  lost 
by  the  average  North  American  and  European  enterprise  during 
the  past  two  years  ««as  50«  higher  than  the  number  of  laptops 
reported  lost  or  stolen:  11  lost  smartphones  versus  seven  lost  lap¬ 
tops.  More  losi  devices  means  more  lost  data. 

■  IT  do«wNcn»|i»li|i|*fwHe«dipl»yi«l.  For  example, 
apps  are  usually  added  to  Apple  devices  by  emplovees  who  buy 
them  from  the  AppStore. 

■  TIlW  piitT  be  tnut—rUlT.  Users  install  an 

average  of  40  apps  on  iPhones  and  2S  on  Android  devices.  Not  all 
of  those  apps  are  safe;  Some  steal  data  or  otherwise  fail  to  behave 
as  advertised. 

■  SNppert  111  lot  iimiciiiNpllciMd.  The  sheer  diversity  of 
devices  mates  it  harder  to  know  what  you  can  safely  allow  on  your 
network,  particularly  with  Android  devices. 

■  TkorMMhdoihaioMiiMMaKMMOiftmnitatli 

hMMtam.  A  cottage  industry  of  specialized  MOM  vendors  has 
sprung  up  to  manage  the  configuralion  and  securitY  of  diverse 
mobke  devices,  but  a  convergence  of  post-PC  and  PC  management 
systems  is  stkl  years  away. 


Questions  of  who  owns  the  data  on  emplovee  smartphones  -  and 
who  is  responsible  for  protecting  it  -  have  yet  to  be  answered.  Case 
law  that  definitively  settles  this  matter  won't  emerge  for  years. 


text  message  to  the  infected  phone  telling  it  to  place  a  call  and 
turn  on  the  microphone."  That  would  be  an  efteive  tactic  if.  for 
example,  the  phone's  mvner  were  in  a  meeting  and  the  attacker 
want^  to  eavesdrop,  he  tuxes. 

Schwartau  says  it’s  possible  to  filter  SMS  activity,  but  that’s 
usually  handled  by  the  wireless  carrier  because  SMS  isn’t  IP- 
based  and  therefore  isn’t  usually  controlled  by  company  admin¬ 
istrators.  The  best  option  is  to  work  with  carriers  to  make  sure 
that  they’re  using  malware-blocking  software  and  SMS  filters  to 
prevent  those  kinds  of  attacks. 

Again,  creating  smartphone  usage  policies  that  encourage  or 
retpiire  the  use  of  only  company-sanctioned  or  company-provided 
phones  and  service  plans  can  reduce  the  risk. 

Of  course,  companies  can’t  thwart  every  possible  attack,  aiul 
hackers  are  constantly  switching  tactics.  But  you  should  take 
steps  to  plug  these  six  security  leaks  —  and  then  try  to  keep  them 
plugged  —  and  be  on  the  lookout  for  new  forms  of  malicious 

grandon  worked  asm  IT  munoger  for  lo  years  and  has  been  a  lech 
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Bl  CATCHES  ON 


The  goal  is  to  help  business 
users  make  smart  decisions 
with  complex  data  - 
and  less  IT  involvement. 
By  Elisabeth  Horwitt 


Dealer  Services  Corp.  (DSC),  in  contrast, 
got  a  heads-up  from  its  newly  deployed 
business  intelligence  system,  says  CIO  Chris 
Brady.  The  self-service  Bl  module  of  Infor¬ 
mation  Builders  Inc.’s  WebFocus  software 
allowed  branch  managers  to  see  early  signs  of 
the  economic  slowdown,  without  having  to 
get  technical  help  from  the  IT  department. 

Self-service  Bl  appears  to  be  the  next  big 


end  users  with  data  and  reports  and  enables 


Horwilt  I  and  save”  mode.  This  means  that  dau  views 
can  he  stored  for  reuse  or  sharing.  The  sdf- 
service  tools  bring  Bl  information  to  nontechnical  users;  they  also 
benefit  high-level  analysts  who  need  ad  hoc  reports  right  away. 

At  Carmel,  Ind.-bas^  DSC,  which  provides  financing  for  alx)ut 
10,000  car  dealers,  each  vehicle  receives  a  separate  loan  with  its 
own  conditions  and  payback  schedule.  “That’s  a  lot  of  data,”  says 
Brady.  The  company  originally  used  a  basic  transaction-reporting 
system,  but  that  rapidly  became  inadequate  as  the  business  grew. 

End  users  inundated  IT  with  requests  for  nrae  data  and  different 
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We  neBiM  to  get  data  into  the 
hands  of  users  in  deportments 
like  sales ...  and  give  them  tools  so 
they  could  analyze  data  themselves. 

SCOTT  BAKER,  MANAGER  OF  SAP  SVSTEMS. 

ORASURE  TECHNOLOGIES  INC. 


views.  The  more  technically  savvy  tried  to  do  their  own  analyses 
with  Excel  spreadsheets,  but  that  often  lesuhed  in  inconsistent  and 
inaccurate  data,  Brady  explains.  So  the  company  looked  for  a  Bl 
system  that  would  put  as  much  querying  power  as  possible  in  the 
haixls  of  end  users  via  Web-based  query  and  reporting  toob. 

In  addition  to  reducing  the  burden  on  IT  and  business  ana¬ 
lysts,  WebFocus  has  increased  the  quality  and  consistency  of  data 
—  and  has  thereby  improved  the  decisions  that  are  based  on  that 

data,  Brady  reports. 

When  the  recession  hit,  WebFocus'  self-service  module  proved 

its  worth  by  enabling  branch  managers  to  see  which  dealers  had 

inventory  that  was  aging  past  a  certain  point,  Brady  says.  This 
was  “a  key  indicator  —  a  very,  very  early  warning  sign,"  she  adds. 

Forewarned  of  the  slowdown  in  inventory  turnover,  DSC  was 
able  to  minimize  the  recession's  impact.  It  tightened  its  lending 
standards  and  adjusted  financial  reserves.  It  also  offered  advice 
to  troubled  dealerships:  one  of  the  messages  was  “Stop  buying 
SUVs;  they  aren't  selling,”  Brady  says. 

As  a  result,  "we  definitely  reduced  our  losses  from  bad  loans 


demands,  according  to  Scott  Baker,  Bethlehem,  Pa.-based  Ota- 
Sure's  manager  of  SAP  systems.  "We  needed  to  get  dau  into  the 
hands  of  usets  in  departments  like  sales,  finance  and  budgeting, 
and  give  them  tods  so  they  could  analyze  data  themselves,"  he 
says.  "We  used  to  create  standard  reporu,  and  people  were  always 
saying  they  needed  more  information  —  this  but  not  that.” 

End  users  at  OraSure  can  now  create  their  own  dashboards 
"on  the  By,”  using  SAP  BusinessObjects'  self-service  system. 

Edge,  Baker  says.  And  BusinessObjects'  Explorer  module  “lets 
you  select  the  filters  and  daU  you  want,  and  then  presents  it  to 
you  graphically,"  he  says.  End  users  can  also  create  reports  using 
SAP  Cr^tal  Reports  or  Microsoft  Excel. 

"BusinessObjects  is  good  at  buffering  users  from  the  techni¬ 
cal  layer,"  Baker  says.  For  example,  users  "don't  see  [data]  field 
definitions  but  terms  they  work  with  in  their  jobs,  like  'quantity 
shipped.' " 

The  payback?  End  usets  have  generated  more  than  160  reports 
themselves.  Baker  says.  "That's  160  reports  the  IT  group  didn't 
have  to  generate."  he  adds. 

A  Broad  User  Base 

Self-service  Bl  isn’t  just  for  the  “average”  end  user  with  limited 
technica]  and  analytical  expertise,  says  Forrester  analyst  Boris 

Evelson.  Business  analysts  need  to  do  predictive  analytics,  multi¬ 

dimensional  querying  aiKl  data  mining.  Knowledge  workers  and 
power  users  want  to  do  ad  hoc  querying  and  generate  their  own 
reports  and  views.  Self-service  Bl  platforms  enable  them  to  do 
that  while  shielding  them  from  the  undertying  data  infrastruc¬ 
ture.  so  they  don’t  have  to  keep  asking  IT  for  help. 

Flexibility  was  key  at  1X1  Corp.,  a  unit  of  Atlanta-based  Equifax 
Inc.  that  provides  risk  and  performaiKre  management  consultir^ 
services.  With  IXI's  old  Bl  system,  it  was  too  diflkult  to  make  any 
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server  to  its  knees,  or  worse.  BI  doesn’t  stop  you  from  making  the 
wrong  choices;  it  just  helps  )’Ou  make  them  faster.” 

To  avoid  this  problem,  Ayres’  team  has  built  a  layer  between 
the  user  and  BI  tools,  ”50  you  can  dance  around  the  playground, 
but  within  limits.”  For  example,  an  employee  might  be  allovYed  to 
run  metrics  in  a  data  mart  at  some  levels  but  not  others,  and  he 
wouldn’t  be  allowed  to  summarize  across  different  levels. 

Most  of  the  major  BI  platforms  support  role-based  access  control, 
ihroi^  Microsoft  Active  Directory  or  any  other  LDAP-compliant 
global  directcwy.  Packages  offer  different  degrees  of  granularity:  For 
example,  a  system  might  be  set  up  so  that  a  particular  user  group 
can  access  only  a  subset  data,  or  even  just  specific  data  fields. 

SAP  BusinessObjects  provides  role-based  swurity  down  to  the 
record  level,  says  Baker.  For  example,  a  salesperson  might  see 
only  customers  in  his  territory,  or  a  budget  manager  would  see 
only  the  cost  centers  that  she’s  responsible  for,  while  a  sales  vice 
president  could  view  reports  from  anybody  who  reports  to  him. 

Breaking  Down  the  Walls 

The  new  frontier  for  self-service  BI  is  the  ability  to  enable  differ¬ 
ent  types  of  users  to  collaborate,  not  only  by  sharing  reports  and 
query  results,  but  also  by  working  together  to  define  new  ways  of 
viewing  and  analyzing  information. 

At  DSC.  the  IT  staff  regularly  meets  with  a  committee  of  end 
users,  Brady  says.  "Branch  managers  tell  us  their  best  practices,” 
which  are  then  incorporated  into  reports  and  views.  IT  then  uses 
WebFocus  to  replicate  the  best  practices  across  the  company. 


Self-service  BI  has  "cut  way  down  on  the  time  from  getting  an 
idea  to  building  a  report  that  incorporates  it,  and  having  it  show 
up  on  an  end  user's  dashboard,”  Brady  says. 

At  OraSurc,  the  SAP  team  participates  in  business  users’ 
forecast  meetings.  "We  talk  to  them  about  how  they're  using 
information,  listen  in  on  discussions  of  what  they're  finding,  then 

that  help  you  get  to  next  level?  We  work  with  end  users  to  figure 
out  how  to  get  the  best  information,”  Baker  says. 

OraSure  employees  collaborate  primarily  through  face-to-face 
meetings  and  e-mail.  However,  Baker  says  that  he  is  definitely 
interested  in  the  possibility  of  providing  more  dynamic  and 
ongoing  interactions  through  Web  2.0  tools  such  as  social  net¬ 
works,  wikis  and  blogs. 

So  are  a  lot  of  other  companies,  according  to  Forrester’s 
Kobielus.  Businesses  are  starting  to  use  collaborative  mashups 
to  enable  teams  of  users  to  develop  charts,  dashboards  or 
reports  online,  and  then  make  them  available  on  blogs,  wikis  or 
Facebook,  he  notes.  Vendors  currently  offering  such  capabilities 
include  Lyzasoft  Inc.,  Tableau  Software  Inc.  and  lackBe  Corp. 

With  proper  governance  and  security  controls  in  place,  imple- 
menters  say,  selFservice  and  collaborative  BI  can  break  down  long¬ 
standing  barriers  among  different  departments  and  levels  within  an 
organization.  This  in  turn  promotes  faster  and  —  most  important 
—  more  effective  decision-making  throughout  the  company.  ♦ 
Horwittf  a  freelance  reporter  and  former  Computerworld  senior  editor, 
is  based  in  Waban.  Mass.  Contact  her  at  ehorwitt@verizon.nel. 


Jump  on  the 
Bandwagon 


Bl  &  ANALYTICS 


server  to  its  knees,  or  worse.  BI  doesn't  stop  you  from  making  the 
wrong  choices:  it  just  helps  you  make  them  faster.” 

To  avoid  this  problem,  Ayres’  team  has  built  a  layer  between 
the  user  and  BI  tools,  “so  you  can  dance  around  the  playground, 
but  within  limits.”  For  example,  an  employee  might  be  allowed  to 
run  metrics  in  a  data  mart  at  some  leveb  ^t  not  others,  and  he 
wouldn’t  be  allowed  to  summarize  across  different  levels. 

Most  of  the  major  BI  platforms  support  role-based  access  control, 
through  Microsrrft  Active  Directory  or  any  other  LDAP-compliant 
global  directory.  Packages  offer  different  degrees  of  granularity:  For 
example,  a  system  might  be  set  up  so  that  a  particular  user  group 
can  access  only  a  subset  of  data,  or  even  just  specific  data  fields. 

SAP  BusinessObjects  provides  role-based  security  down  to  the 
record  level,  says  Baker.  For  example,  a  salesperson  might  see 
only  crrstorrrers  in  his  territory,  or  a  budget  manager  would  see 
only  the  cost  centers  that  she’s  responsible  for,  while  a  sales  vice 
president  could  view  reports  from  anybody  who  reports  to  him. 

Breaking  Down  the  Walls 

The  new  frontier  for  self-service  BI  is  the  ability  to  enable  differ¬ 
ent  types  of  users  to  collaborate,  not  only  by  sharing  reports  and 
query  results,  but  also  by  working  together  to  define  new  ways  of 
viewing  and  analyzing  information. 

At  DSC,  the  IT  staff  regularly  meets  with  a  committee  of  end 
users,  Brady  says.  “Branch  managers  tell  us  their  best  practices,” 
which  are  then  incorporated  into  reports  and  views.  IT  then  uses 
WebFocus  to  replicate  the  best  practices  across  the  company. 


Self-service  BI  has  “cut  way  down  on  the  time  from  getting  an 
idea  to  building  a  report  that  incorporates  it,  and  having  it  show 
up  on  an  end  user’s  dashboard,"  Brady  says. 

At  OraSure,  the  SAP  team  participates  in  business  users' 
forecast  meetings.  “We  talk  to  them  about  how  they’re  using 
information,  listen  in  on  discussions  of  what  they’re  finding,  then 
we  brainstorm:  If  you  had  this  additional  information,  would 
that  help  you  get  to  next  level?  We  work  with  end  users  to  figure 
out  how  to  get  the  best  information,”  Baker  says. 

OraSure  employees  collaborate  primarily  through  face-to-face 
meetings  and  e-mail.  However,  Baker  says  that  he  is  definitely 
interested  in  the  possibility  of  providing  more  dynamic  and 
ongoing  interactions  throng  Web  2.0  tools  such  as  social  net¬ 
works,  wikis  and  blogs. 

So  are  a  lot  of  other  companies,  according  to  Forrester’s 
Kobielus.  Businesses  are  starting  to  use  collaborative  mashups 
to  enable  teams  of  users  to  develop  charts,  dashboards  or 
reports  online,  and  then  make  them  available  on  blogs,  wikis  or 
Facebook,  he  notes.  Vendors  currently  offering  such  capabilities 
include  Lyzasoft  Inc.,  Tableau  Software  Inc.  and  JackBe  Corp. 

With  proper  governance  and  security  controls  in  place,  imple- 
menters  say,  self-service  and  collaborative  BI  can  break  down  long¬ 
standing  barriers  among  different  departments  and  levels  within  an 
organization.  This  in  turn  promotes  faster  and  —  most  important 
—  more  efective  decision-making  throughout  the  company.  • 
Horwitt,  a  freelance  reporter  and  former  Computerworld  senior  editor, 
is  based  in  Waban,  Mass.  Contact  her  at  ehorwitt@verizon.net. 
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I  STILL  getting  acquaint 


surveys,  document  reviews.  And  some¬ 
times  you  just  have  to  keep  your  ears 
open.  That  was  the  case  the  other  day. 


Immediately  after  that  meeting,  I  sent 
an  e-mail  to  the  administrator  of  the 
two-factor  authentication  infrastruc¬ 
ture  asking  about  the  password  bypass 
option.  In  emergencies,  he  said,  users 
were  given  a  password.  OK,  then,  who 
has  this  bypass  enabled,  and  bow  long 
has  it  been  provisioned  in  each  case?  The 
answers  were  startling.  This  bypass  was 
being  used  in  lieu  of  key  fobs  as  a  quick 


Trouble 

Ticket 


no  longer  have  any  need  to  access  our 
network  at  all! 

Well,  then,  I  thought,  perhaps  it  would 

account  management  processes.  Most 
IT  organizations  give  administrators 
privileged  accounts  that  let  them  handle 
functions  related  to  domain  account 
administration,  e-mail  management, 
backups  and  restores,  and  so  on.  In  a 
Microsoft  environment,  certain  policies 
can  be  applied  to 


access  to  only  the  requited  privileged 
functions.  You  probably  know  where  I’m 
going  with  this.  The  good  news  was  that 
I  found  that  our  IT  admins  had  taken 

the  time  to  define  two  types  of  admin- 

i,  for  employees  and 
5.  The  bad  news:  Both  types 


u 


is.  But  that  password  is  groan-inducing:  Everyone  has  the  same 
I  level  of  access.  That  includes  people  who 


A  bypass  around  two-factor  authentication  for  the 
VPN  was  supplied  not  only  to  forgetful  employees. 


ered.  And  Til  keep  lifting  those  rocks.  • 
This  uvek  s  joumat  is  wrirten  by  a  real 
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Moving  Past  Passwords 


I ITH  SO  MANY  WEB  SITES  demanding  passwords,  no  one,  but  no 
I  one,  can  really  be  expected  to  remember  all  the  ones  they  need, 
f  When  the  popular  Web  site  Gawker  was  hacked  recently, 
more  than  a  milhon  user  IDs  and  passwords  were  exposed.  If 


IDs  and 
passwords 
for  dozens 
of  sites? 
No  one. 


compiomised,  that’s  annoying.  Not  that  it's  a  big 
deal  that  someone  could  log  into  a  gossip  site 
imder  your  name.  But  many  of  those  IDs  and  pass¬ 
words  were  reused  on  other  sites  that  are  a  wee  bit 
more  important.  Now,  that’s  a  problem. 

What  should  you  do  about  it?  1  could  tell  you 
that  you  need  to  use  di&rent  passwords  for  dif¬ 
ferent  sites,  that  you  need  to  pick  passwords  other 
than  all-time  favorite  12J456,  and  that  you  should 
change  your  passwords  every  month  for  every  site. 
I’m  not  going  to,  though.  It’s  all  good  advice,  mind 
you,  but  it’s  also  all  pretty  dam  useless. 

People  never  have,  and  never  will,  use  good 
secirrity  practices.  After  more  than  30  years  of 
working  with  networks  and  security.  I’m  ready 
to  give  up  on  trying  to  get  the  general  public  to 
do  the  right  things  to  keep  themselves  safe.  In  a 
company,  it’s  a  diferent  matter.  It’s  a  pain,  but  if 
you  keep  at  it  and  enforce  the  rules,  eventually 
you’ll  get  most  of  the  people  to  do  the  tight  things 
most  of  the  time.  But  people  at  home?  It’s  not 
going  to  happen. 

Besides,  there’s  another  issue  here.  At  work, 
people  need  to  recall,  at  most,  two  or  three  IDs 
and  passwords.  If  you  do  sin^  sign-on  right,  all 
they’ll  need  is  one.  On  the  public  Internet,  though, 
pec^  have  to  remember  their  IDs  and  passwords 
for  their  bank,  Facebook,  Twitter,  school,  Gmail, 
phone,  electric  utility,  40i(k),  Linkedin  and  Com- 

Who  can  manage  to  remember  dozens  of  IDs 
and  passwords  for  dozens  of  sites?  No  one. 

I  can’t  do  it,  and  I’m  blessed  with  a  good 
memory  for  random  alphanumeric  strings  —  you 
really  don’t  want  me  to  get  a  good  lor*  at  your 


What  1  do  is  keep  a  long  list  of  user  IDs  and 
passwords  in  my  head.  Some  of  them  I  use  only  on 
trivial  sites,  others  I  keep  only  for  important  sites, 
and  a  few  I  save  only  for  vital  sites  like  my  bank. 

Here’s  a  trick  that  is  security  heresy:  Make  a 
list  of  your  account  numbers,  IDs  and  passwords 
and  encrypt  it.  Use  real  passwords,  though.  No 
“tZ3456’’  or  “abcdef;"  no  “password”  or  the  name  of 
your  favorite  team.  Those  kinds  of  passwords  are 
so  easy  to  break,  they  barely  count  as  passwords. 

If  that  option  doesn’t  appeal  to  you,  I’ve  got 
another  one:  LastPass.  This  program  runs  on  all 
the  desktop  operating  systems  that  matter  and  the 
major  smartphone  operating  systems  as  well.  It 
will  automatically  capture  your  log-in  credentials 
and  then  enter  them  into  the  site  for  you  the  next 
UrtK  you  visit  So  go  ahead  and  use  IKiizyMarvel- 
Fan4'rossSaladed!  as  a  password.  You  won’t  have 
to  remember  it  LastPass,  the  password  manager, 
will  do  it  for  yrru. 

While  I’d  rather  it  didn’t  store  these  passwords 
in  an  encrypted  form  on  the  Web,  LastPass’  ad¬ 
vantages  more  than  outweigh  its  disadvantages  in 
my  mind.  It  certainly  beats  having  your  one  real 
password  to  every  system  on  Earth  available  to 


spend  more  and  more  of  our  computing  time 
online  at  dozens  of  different  sites,  we  have  to 
come  up  with  a  better  answer  that  will  really  work 
for  people.  User  IDs  and  passwords  simply  don’t 
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could  also  work  as  a  two-way  radio.' 
says  a  pilot  fish  on  ttie  scene,  "The 
new  IT  boss  took  the  Nextels  and 


How  Hard 
Could  It  Be? 

This  rural  school  distri 


the  fan.’  fish  reports.  "With  no  single 
person  really  in  charge  of  tT.  every¬ 
one  did  their  own  thing,  and  the  local 
techies  providing  support  at  each 


Walls -and  On// Walls 

Pilot  fish  gets  a  call  from  a  user  whose  desk  was  moved,  she  says  she  cant  get  to 
her  network  files  or  the  Internet.  "I  checked  everything  -  network  card  light  was 


OPINION 


In  2011,  Clouds  Rolling  In 


Cloud  computing 
may  be  the  topic 
we  love  to  hate, 
but  It's  also 
serious  business 
foragreatmany 
IT  organizations 
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WHERE  DO  YOU  STAND  on  cloud  computing?  Where  does  your 

company  stand?  If  you  think  it’s  all  hype,  you  might  be  surprised 
to  learn  that  many  of  your  colleagues  are  giving  it  a  serious  look. 
Gartner’s  August  2010  “Hype  Cycle”  report  puts  cloud 


computing  just  over  the  “peak  of  inflated  expecta¬ 
tions,"  beading  for  the  “trough  of  disillusionnient.’' 
Maybe  that's  ri^t,  once  you  tack  on  the  four  to  five 
months  since  Gartner  published.  I  think  most  IT 
profossiooals  would  agree  that  cloud  has  received 
more  than  its  fait  share  of,  let’s  say,  attention. 

The  irony  is  that  even  while  many  people  are 
sick  of  hearing  about  cloud,  this  isn't  a  one-way, 
vendor-driven  conversation.  In  fact,  a  few  big- 
name  vendors  took  early  stands  against  cloud 
but  now,  in  reaction  to  user  demand,  are  busily 
lauiKhing  cloud  ofierings.  In  many  cases,  the 
C-suite  is  leading  the  internal  conversation  about 
tbe  cloud,  so  there’s  impetus  behind  it.  Many 
organizations  ate  actively  planning  or  implement¬ 
ing  cloud  initiatives  this  year. 

Computerworld’s  Novernber  aoro  Cloud  Comput¬ 
ing  Survey  confirms  that.  It  was  surprising  to  me, 
for  example,  that  neatly  one-third  of  the  respondents 
said  they  expect  their  companies  to  fully  convert 
their  IT  operations  to  private  clouds  this  year. 

On  average,  r6%  of  respondents’  aoro  budgets 
were  allocated  to  cloud-based  initiatives.  Fifty-five 
percent  said  they  expect  aotr  cloud  allocations  to 
rise,  while  only  t%  projected  that  they  will  fall. 
Respondents  from  large  enterprises  said  they 
expect  to  spend  an  average  of  $a  million  on  cloud 
this  year.  Some  35%  named  infrastructure  as  a 

with  storage  as  a  service  and  SaaS  ranking  higher, 

at  43%  and  48%,  respectively. 

Sorry  to  spew  statistics  at  you,  but  they  clearly 
illustrate  my  pmnt:  Cloud  computing  may  be  the 

topic  we  love  to  hate,  but  it’s  also  serious  business 

firr  a  great  many  IT  organizations  this  year. 

Lack  of  personnel  is  another  potential  spur 


to  cloud  adoption.  By  offloading  management, 
support  and  other  time-consuming  chores  to  third 
parties,  senior  IT  leaders  may  hope  to  reallocate 
persormel  to  more  strategically  important  eflbrts. 
That  suggests  that  they  don’t  expect  head  counts  to 
return  to  2008  levels  anytime  soon.  In  other  words, 
a  lot  of  the  interest  in  cloud  computir^  may  stem 
from  its  potential  to  boost  staff  productivity. 

The  promise  of  cost  savings  seems  to  be  another 
draw,  but  everything  I’ve  heard  suggests  that  the 
savir^  might  be  overstated,  especially  early  on. 

Interest  in  cloud  is  rising  in  the  face  of  hype 
fatigue  and  suspicion  about  rosy  promises.  The 
trend  is  also  bucking  serious  user  reservations 
about  things  like  security,  data  replication/ 
duplication  and  data  silos,  which  were  the  three 
biggest  concerns  mentioned  by  respondents  to  the 
Computerworid  cloud  survey.  Plunging  in  when 
caution  is  advisable  is  a  pretty  rare  [foenomenon 
in  the  world  of  IT.  We’re  wisely  risk-averse. 

Could  cloud  computing  be  a  rate  exception  to 
the  Gartner  “Hype  Cycle"  trend  line,  transitioning 
directly  froin  hype  to  useful?  I  wouldn’t  expect 
that  from  a  service  technology  that’s  been  as 
overexposed  as  this  one.  Perhaps,  though,  cloud’s 
less-than-fresh  aspects  are  at  play  here.  There  have 
been  several  attempts  over  the  years  to  introduce 
cloudlike  services  under  other  names:  managed 
services,  hosted  apps,  utility  computing  and  so 
forth.  Maybe  we  just  needed  a  little  surplus  server 
capacity  and  a  deep  recession  to  make  it  catch  on. 

I’m  a  bit  surprised  that  a  cloud-building  boom 
seems  to  be  in  the  cards  this  year.  Combine  that 
with  server,  storage  and  network  virtrralization, 

and  we’ll  see  data  centers  remake  themselves 

before  our  eyes.  It’s  happening  very  quickly.  ♦ 


New  York  City 

Februat7  8,  2011 

8:15am  -4:30pm 
Javits  Convention  Center 

Register  today! 
www.itroadmap.net/nycad 


At  IT  Roadmap  Conference  &  Expo,  youTl  discover 
everything  you  need  to  know  to  make  informed 
technology  decisions  for  the  year  ahead  -  in  just 
one  day.  And  we  re  coming  to  New  York! 


IT  ROADMAP  2011 


Through  ROI  workshops,  technical  tutorials, 
strategy  sessions,  roundtable  discussions, 
keynote  addresses,  networking  opportunities 
and  an  interactive  expo  floor,  you'll  hear  fresh 
perspectives  and  new  technology  insights  from 
the  industry's  leading  IT  analysts,  top  tech 
practitioners,  and  experienced,  high-profile 
end  users. 

All  new  morning  tracks  include: 

•  The  New  Data  Center 

•  The  Connected  Enterprise 

•  The  Modern  Network 

•  The  Public  &  Private  Cloud 

•  The  Evolving  Threat  Landscape 

Who  Attends: 

•  CIOs  &  VPs 

•  Directors  of  IT 


New  York  City  February  8 

Chicago  March  15 

Denver  April  28 

Boston  June  7 

Dallas  September  13 

San  Francisco  October 

Washington.  DC  November 

To  learn  more,  visit: 

www.itroadmap.net/nycad 


•  IT  Managers 

•  Architects  &  Engineers 


For  more  information  about  sponsorship 
opportunities  and  benefits 

Contact  Andrea  D  Amato.  Vice  President  and 
Publisher  of  Network  World,  at 
adamatpianww.com  or  508-764-5455. 
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I€AN  TURN  WISHFUL 
THINKING  INTO 
A  BUSINESS  PLAN. 

I  HAVE  CLOUD  POWER. 


Windows  Azure  is  a  platform  for  developing,  deploying  and 
running  applications  in  the  cloud  with  virtually  unbounded 
scalability,  that  means  near-infinite  capacity  when  you  need  it. 
It  s  the  kind  of  flexibility  that  can  change  the  way  you  lun 
business  With  Windows  Azure,  inspiration  comes  less  from 
worst-case  planning  and  more  from  your  imagination. 

That's  Cloud  Power. 

Find  your  Cloud  Power  at  Microsoft.com/cloud/azure 


Microsoft 


Cloud  Power 


